package user;

import utils.JsonOut;
import utils.MysqlUtils;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.ResultSet;

@WebServlet(name = "ForgetChangePasswordServlet")
public class ForgetChangePasswordServlet extends HttpServlet {
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        HttpSession session = request.getSession();
//        Object emailAttr = session.getAttribute("forget_psw_email");

        PrintWriter out = response.getWriter();
//        if (emailAttr == null){
//            out.println(JsonOut.error(201, "forgetting_user_empty"));
//            return;
//        }
//        String email = emailAttr.toString();
//

        String email = request.getParameter("email");
        String vcode = request.getParameter("vcode");
        String newPass = request.getParameter("new_pass");
        String newPassAgain = request.getParameter("new_pass_again");

        if (email == null || email.isEmpty()){
            out.println(JsonOut.error(201, "email_empty"));
            return;
        }

        if (vcode == null || vcode.isEmpty()){
            out.println(JsonOut.error(201, "pass_empty"));
            return;
        }

        ResultSet resultSet = (new MysqlUtils()).getEmailVerify(email);

        if (resultSet == null){
            out.println(JsonOut.error(101, "not_exist"));
            return;
        }

        try{
            String emailVtime = resultSet.getString(2);
            long time = Long.parseLong(emailVtime);
            if (System.currentTimeMillis() - time > 3600000){
                out.println(JsonOut.error(107, "vcode_expired"));
                return;
            }

            String emailVcode = resultSet.getString(1);
            if (!emailVcode.equals(vcode)){
                out.println(JsonOut.error(106, "vcode_error"));
                return;
            }
        }catch (Exception e){
            out.println(JsonOut.error(101, "not_exist"));
            return;
        }

        if (newPass == null || newPass.isEmpty()){
            out.println(JsonOut.error(201, "pass_empty"));
            return;
        }
        if (newPassAgain == null || newPassAgain.isEmpty()){
            out.println(JsonOut.error(201, "pass_empty"));
            return;
        }
        // 检查新密码长度
        if (newPass.length() < 6){
            out.println(JsonOut.error(112, "psw_too_short"));
            return;
        }

        // 检查两次新密码是否一致
        if (!newPass.equals(newPassAgain)){
            out.println(JsonOut.error(103, "pass_incorrect"));
            return;
        }

        if (!(new MysqlUtils()).userChangePassword(email, newPass)){
            out.println(JsonOut.error(500, "sql_sth_wrong"));
            return;
        }

        out.println(JsonOut.error(0, "password_changed"));
    }

    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        PrintWriter out = response.getWriter();
        out.println(JsonOut.error(403, "forbidden"));
    }
}
